From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: None (no SPF record) identity=mailfrom; client-ip=2a00:1450:4864:20::244; helo=mail-lj1-x244.google.com; envelope-from=mw@semihalf.com; receiver=edk2-devel@lists.01.org Received: from mail-lj1-x244.google.com (mail-lj1-x244.google.com [IPv6:2a00:1450:4864:20::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 59FA021962301 for ; Tue, 25 Sep 2018 10:59:13 -0700 (PDT) Received: by mail-lj1-x244.google.com with SMTP id r83-v6so4616333ljr.7 for ; Tue, 25 Sep 2018 10:59:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=semihalf-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=/JpMG0zoa7Ut8JTd6uO9/dcEYYF1Qr/fvgJvhj5BPCI=; b=Q/wVnDsM7CPOwE8rRLh4FauCxiyGarZ/tSmUd+uPU1BioLP1an0M/8IGXOuT9AYNm4 kT2T2IapVgcQetuRPpAQ0i98lrlX12PV7nFpxGFISK3azgi+sB79+vlwHr1hq9bIZTAr O5lSJXIsfamqmKC/uVT2co02HlXfi7aJb3jYgKJGqynvH7ii7HaXwNIsU+/JZ8R8QkcF fKTQB6iWoM2dxy9DXOpwAgJoXG60R0PurkHeshMGd513uYYJE7wS9TH6f72REYL+LIbW B/r9CHj1N4kZZeJRSOrsQMj+Rt5kYXJidX9AxRxXVuUk9hlPUgti3J+0wQ+6vKS5BSTO lY0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=/JpMG0zoa7Ut8JTd6uO9/dcEYYF1Qr/fvgJvhj5BPCI=; b=sRvRj4anRhE9lqOXx9hFL2Raaku+i16sTLkzhUo0qdgJASio0dnV6AZg/AWBhhUGEK T8LIXYMcIamoGFAFX2K3tb/mXx/wWT3I21O1TS5JNOO6VdlrK0Iv06oM4Spc5L2Dt3x5 5Yv7GiErUauvdz50ksDj+W4sOh8NP/G4V04eUjBfgzRsv7Qmn7T6ODBF5IneaSneZesR mVukNSoWUKIF6Eitre+DQQH8d15m1J4D3raOuG0MpOcQZCKZzxQ2J3K8nYD7Gua7Cwer YAkngPEDKY7yr3XgtHn65T4Vo5C0TOvyBrbmVr7FEoPeb913vCRMEX8pIYnX6BkVzusV d/4g== X-Gm-Message-State: ABuFfoiYz1D9TEoSItu+ba10tsCx93CCN4SSJIJvWHMMDunrV+07hlXZ Pj6Qne1Oe0I7xa1f0vi9gHuoo8FniAU= X-Google-Smtp-Source: ACcGV62rosBHAwgq8f4t6KtunUHXwx1VrQtxqgA7+9kGKIaxEpYXcaxuFuPJ469Bcq/L6bxbFKYUUA== X-Received: by 2002:a2e:9a4d:: with SMTP id k13-v6mr1815436ljj.17.1537898351034; Tue, 25 Sep 2018 10:59:11 -0700 (PDT) Received: from gilgamesh.semihalf.com (31-172-191-173.noc.fibertech.net.pl. [31.172.191.173]) by smtp.gmail.com with ESMTPSA id m66-v6sm285552lfi.79.2018.09.25.10.59.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 25 Sep 2018 10:59:10 -0700 (PDT) From: Marcin Wojtas To: edk2-devel@lists.01.org Cc: feng.tian@intel.com, michael.d.kinney@intel.com, liming.gao@intel.com, leif.lindholm@linaro.org, ard.biesheuvel@linaro.org, nadavh@marvell.com, mw@semihalf.com, jsd@semihalf.com, jaz@semihalf.com, Ruiyu Ni , Fei1 Wang , Star Zeng Date: Tue, 25 Sep 2018 19:58:33 +0200 Message-Id: <1537898313-1767-1-git-send-email-mw@semihalf.com> X-Mailer: git-send-email 2.7.4 Subject: [PATCH] MdeModulePkg: XhciDxe: Prevent illegal memory access in XhcSetHsee X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Sep 2018 17:59:13 -0000 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1206 Newly added XhcSetHsee() routine reads 4 bytes into a UINT16 variable causing issues on PCIE and NonDiscoverable Xhci controllers. Fix that. Cc: Ruiyu Ni Cc: Fei1 Wang Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Marcin Wojtas --- MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c b/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c index 89f073e..dfe5f6c 100644 --- a/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c +++ b/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c @@ -607,7 +607,7 @@ XhcSetHsee ( PciIo = Xhc->PciIo; Status = PciIo->Pci.Read ( PciIo, - EfiPciIoWidthUint16, + EfiPciIoWidthUint8, PCI_COMMAND_OFFSET, sizeof (XhciCmd), &XhciCmd -- 2.7.4